Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... | Result(s) : 275454 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-05-15 | CVE-2024-3629 | cve | The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them... |
N/A | 2024-05-15 | CVE-2024-3630 | cve | The HL Twitter WordPress plugin through 2014.1.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross... |
N/A | 2024-05-15 | CVE-2024-3631 | cve | The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check when unlinking twitter accounts, which could allow attackers to make logged in admins perform such act... |
N/A | 2024-05-15 | CVE-2024-3634 | cve | The month name translation benaceur WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perf... |
N/A | 2024-05-15 | CVE-2024-3748 | cve | The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user to manipulate the `user_id` to make it appear that ... |
N/A | 2024-05-15 | CVE-2024-3749 | cve | The SP Project & Document Manager WordPress plugin through 4.71 lacks proper access controllers and allows a logged in user to view and download files belonging to another user |
N/A | 2024-05-15 | CVE-2024-3822 | cve | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scrip... |
N/A | 2024-05-15 | CVE-2024-3823 | cve | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow... |
N/A | 2024-05-15 | CVE-2024-3824 | cve | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin re... |
6.4 | 2024-05-15 | CVE-2024-4636 | cve | The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allow_meme_types’ function in... |
8.8 | 2024-05-15 | CVE-2024-4010 | cve | The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability ch... |
4.3 | 2024-05-15 | CVE-2024-0437 | cve | The Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease plugin for WordPress is vulnerable to Sensitive Information Exposure in all version... |
6.4 | 2024-05-15 | CVE-2024-4363 | cve | The Visual Portfolio, Photo Gallery & Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and includ... |
6.4 | 2024-05-15 | CVE-2024-4370 | cve | The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget Image Box in all versions up ... |
N/A | 2024-05-15 | CVE-2024-3744 | cve | A security issue was discovered in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially ... |
N/A | 2024-05-15 | CVE-2024-35108 | cve | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN. |
N/A | 2024-05-15 | CVE-2024-35109 | cve | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close. |
4.3 | 2024-05-15 | CVE-2024-4199 | cve | The Bulk Posts Editing For WordPress plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the plugin's AJAX actio... |
N/A | 2024-05-15 | CVE-2024-4373 | cve | The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to St... |
6.4 | 2024-05-15 | CVE-2024-4618 | cve | The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Team Member widget in all versions up to, and including, 2.6.9.6 due... |
Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... | Result(s) : 275454 |